Re: CSS hits vs connections

grwilli · ‎07-21-2005

I have a customer with CSS 11503's and 11501's running 7.30 (not sure which build).

When using the 'show summary' to read the number of service hits and comparing that with the Total Connections count of 'show service', the Total Connections end up showing as much less than the hit count.

This behaviour is consistent accross multiple content rule/service combinations and CSS chassis'. Most of the configured services are tied to only one content rule. No ASR configured currently.

What does each counter define and why would they be different?

Thanks ahead for any help.

Gilles Dufour · ‎07-21-2005

the 'conn' displayed with 'show service' indicates the number of active connections - client still connected.

The hits in 'sho summary' displays the total number of connections [active and inactive].

This number will keep increasing while the other one will go up and down.

Regards,

Gilles.

grwilli · ‎07-22-2005

Giles, thanks for the reply. The 'conn' counter in 'show service' that I'm speaking of is specifically 'Total Connections' not 'Current Local Connections'. When viewing, this value always increments and without ASR always matches Total Connections.

In a lab environment the Total Connections will consistently match the Service Hits of 'show summary' - which should be the case when the service is servicing only one content rule. If the service is tied to more than one content rule, Total Connections seem to be (and this makes sense to me) the sum of the Service Hits from each of the content rules it's tied to.

So with my production use 'problem' where Total Connections are showing _less_ than the Service Hits is maybe a bug. I just wanted to make sure that these counters were not describing different aspects of the CSS - say flows vs TCP connections.

Thanks.

Gilles Dufour · ‎07-22-2005

ok - I was thinking about 'sho summary'.

So, there is indeed a problem.

You said, you only see the problem with ASR ? or do you also see it without ASR ?

What's your software version ?

Did you try to do a 'zero all' and see if the problem reappears ?

Thanks,

Gilles.

grwilli · ‎07-22-2005

Currently, we are not running ASR. I mis-spoke the version on my first post, it's 6.10 build 203, upgrade is planned to 7.50 in the next few weeks, not specifically to address this issue, more to get the new ssl-proxy-list functionality.

For an example of the problem on a production unit -

'show summary' Hit count -

4,290,554

'show service' Total Connections count -

484,616

and Total Reused Conns count -

38,246

If the 'show service' counts and the 'show rule' hits came anywhere close to one another I wouldn't be wasting your time, but... This has been a nagging problem for the customer since they went into production. After the upgrade, we'll see if these values sync up better.

Thanks again for your help!

Gilles Dufour · ‎07-25-2005

Can you get a 'script play showtech' and attach it to the discussion.

Is this a Layer5 rule ?

BTW, you can't upgrade to 7.50 if you currently run 6.10.

the 6.x version is for the css11000 and the 7.x version is for the css11500.

These are 2 different platforms that require 2 different software.

Thanks,

Gilles.